Why Indian MSMEs Must Rethink Cybersecurity

The Indian Micro, Small & Medium Enterprises (MSME) sector comprises over 6.33 crore enterprises, whose contributions make up for about a third of India’s GDP. While the numbers may be impressive, MSMEs are still in the infancy of their post-pandemic digital transformation. Additionally, as their reliance on digital platforms increases, shoestring budgets force them to rely on legacy cybersecurity solutions that are unfit to deal with rapidly adapting cyber threats. Evidence of this can be found in Palo Alto Networks’ 2022 Unit 42 Ransomware Threat Report. Per the report, India saw a 218 per cent increase in ransomware attacks in 2021 - an alarming figure for a country dominated by fledgling enterprises that is looking to digital for rapid scaling.

In addition to issues within the Security Operations Center (SOC), there is also a mindset issue that is common to players in the MSME domain. This mindset reflects that MSMEs “are too small to be attacked.” Here’s why this is erroneous, and could even be considered dangerous. 

In a largely unstructured market like India’s, MSMEs often make up large portions of the supply chain. Weak financial and defensive capabilities are already a concern and any breaches here exposes partner entities to bad actors and leaves back doors open to launch large scale attacks. Additionally, with MSMEs now adopting new technologies to facilitate work from anywhere, the chasm between their expanding digital footprint and the solutions being deployed to secure it continues to grow. Per findings by Unit 42, the threat intelligence team at Palo Alto Networks, the first 5 months of 2022 saw average ransomware payments climb to almost 1 million USD globally - 71 per cent higher than the previous year. This should send the alarm bells ringing in the minds of Indian MSMEs as such figures can be close to, if not more than, a significant chunk of their annual revenues. Therefore, the consequences of inadequate MSME cybersecurity are clear. And they can, not only wreak havoc on MSMEs themselves but on larger business partners working with them as well. 

The approach that MSMEs often take when it comes to cybersecurity is best described as ‘kicking the can further down the road’. This makes things significantly easier for attackers who are constantly on the lookout for vulnerabilities, and armed with attack vectors more advanced than ever seen before. To combat this MSMEs need to completely overhaul their cybersecurity capabilities by:

Abandoning the point-in-time approach: As the threat landscape transforms rapidly, it is important to recognize that cyberthreats are never static. They are adaptive in nature and constantly tweaked by bad actors looking to find new ways to compromise enterprises. This makes it critical to adopt cloud-native solutions that are always one step ahead of these threats, and flag zero-day vulnerabilities within the MSME network.

Increase awareness across the organisation: Employees within MSMEs are often more susceptible to cyberattacks due to the lax nature of the enterprise as a whole. The leadership’s hesitation to recruit top cybersecurity experts is often understandable due to limited resources. Therefore, educating the workforce around cybersecurity best practices is crucial. As per Unit 42’s Incident Response Report 2022, nearly 70 per cent of cyber incidents were caused by phishing. This number could be brought down drastically, if employees were more diligent with how they go about accessing the interwebs on enterprise networks.

Automation will be key: Human errors can be decreased but never completely eradicated. This creates the ideal conditions for automation within enterprise network security. The State of Cloud Native Security Report 2022 by Palo Alto Networks, found that organisations with a high level of security automation are two times more likely to have strong security posture. Automating wherever possible mitigates manual steps involved in resolving security issues thereby expediting the entire process. 

Adopt a Zero Trust approach: With the increasing popularity of work from anywhere, MSME security programs are now expected to support the hybrid work model. Applying the antiquated principles of perimeter security to what is essentially a perimeter-less environment cannot work. MSMEs must consider zero trust solutions for exactly this. Along with constantly verifying entities across the network, it does away with the concept of implicit trust and upholds the principle of “never trust, always verify”.

Lastly, given their ubiquity in the Indian market, MSME cybersecurity cases are a goldmine for threat intelligence groups and watchdog organisations. Aggregating this intel and sharing it with said groups is an effective mitigation strategy as it ensures that these bodies are on par if not ahead of the advanced threat landscape and help create a robust cybersecurity ecosystem in the country.

It is clear that despite being at the forefront of the Indian economy, Indian MSMEs are the most vulnerable targets to cyberattacks. Therefore, it is crucial for them to act now and deploy impermeable cybersecurity solutions, as they may very well hold the key to safely launching India into the next chapter of its economic growth.